Fix a memory leak in tls_new_record_layer

If setting the crypto state has failed then memory might have been partially allocated to fields within the partially constructed record layer. We need to call tls_int_free() to properly free it. Found by the reproducible error patch in #21668 Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #21753)
openssl · Aug 17, 2023 · 0577dba · 0577dba
1 parent 4a469cb
commit 0577dba
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c
@@ -1411,7 +1411,7 @@ tls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers,
 
  err:
     if (ret != OSSL_RECORD_RETURN_SUCCESS) {
-        OPENSSL_free(*retrl);
+        tls_int_free(*retrl);
         *retrl = NULL;
     }
     return ret;